Area optimization of cryptographic co-processors implemented in dual-rail with precharge positive logic

Field programmable gate arrays (FPGAs) become very popular for embedded cryptographic operations. In order to resist side-channel attacks, FPGAs must implement reasoned countermeasures. The most efficient way to mitigate attacks is to adopt a gate-level protection. Two secure gates families exist: those that ldquohiderdquo and those that ldquomaskrdquo side-channel leakage. In this article, we detail methods to reduce the size of wave dynamic differential logic (WDDL) implementations. These circuits are designed to hide any physical leak by ensuring a data-independent activity. This study is meant to be generic, and thus applies to any 4 rarr 1 LUT-based FPGAs. Further optimizations can be reached by taking advantage of some FPGAs proprietary features. Our solutions include RTL code modification, synthesizer usage (potentially in a re-entrant way), and ad hoc mapping. We show that linear parts of algorithms can be delegated to a synthesizer, but that non-linear parts are better off to be handled with heuristics. We present a 23 % area gain over the state-of-the-art as for the positive WDDL triple-DES symmetric encryption algorithm.